PDC crash in exchange 2010 environment

Posted on 2014-01-16
Medium Priority
Last Modified: 2014-01-25

Below is my network environment

Sites  3 : Default, site1, site2

In default site I have 1PDC, 1ADC, 2 Mailbox server, 1 CAS server
in site 1 I have ADC
in site 2 I have ADC , exchange all in one server

Yesterday due to Hardware issue, my both PDC and ADC in Default site got crashed, and we can't recover them. Now the Default site exchanges are working with site1 ADC an site2ADC. Now I want to cease the FSMO role into site1 ADC and need to build one new DC in default site and then move the FSMO role to new DC.

Can I cease the role into another site ADC. Any issue will occur?

Pls let me know the steps I need to take to build new DC and make it as PDC in the default site.

Now in the system settings of the exchange server, domain controllers being used by exchange are showing as site1 ADC and site2ADC

Question by:kolathaya123

Assisted Solution

by:Tom Jacob Chirayil
Tom Jacob Chirayil earned 1002 total points
ID: 39787792
In default site,

1. Install Windows 2008
2. Join it to domain
3. Install ADDS
4. Promote as DC
5. Make it GC
6. Check FSMO roles
7. Check replication
8. From Sites & Services, remove traces of old DC (This will do a clean up of meta data)
9. Initiate replication through the other domain controllers.

Assisted Solution

dsnegi_25dec earned 498 total points
ID: 39787903
If I was you I will follow below procedure

1. If my primary DC goes down , First I will make sure to seize my FSMO roles to Additional domain controller (Refer below link) (Note - this action should performed only if Primary DC holds FSMO roles , In case you Additional domain controller hold the FSMO roles then No need to perform step 1 and 2)


2. Once all the roles seized , I will go ahead the configure time service on my new PDC Emulator holding DC ( i.e on addititonal domain controller where I have seized the roles). Refer beliow link which explains how to configure time service on PDC emulator

http://social.technet.microsoft.com/wik ... en-us.aspx

3. Once this is done I will run netdom query fsmo to make sure my ADC holds all the FSMO roles

4.I will perform metadata cleanup of my primary DC which has got failed (Refer below link) and also make sure that none of the old DC DNS entries exists in my domain(refer 2nd link to check where to find out the old DC entries in DNS)


http://blogs.msmvps.com/awinish/2011/05 ... ontroller/

5. After accomplishing this , I will go ahead and rebuild my primary DC by installing server os in it and run dcpromo on it and wait for replication

6. Once this is done I will transfer back all my FSMO roles from my ADC ( You need to configure time service once again if you are transffereing the roles)
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39788137
Just to add...

When you Seize the roles to another site, if you have DC's in the original site that had the PDC make sure that your replication is functioning correctly to this site so that all of the DC's in the original site are aware of the Seizer and get there updates accodingly.

The command above that was specified "netdom query fsmo" needs to be run on all DC's to ensure they are not pointing to the old FSMO role holder. If they are you need to correct replicaiton before proceeding.

If you are using KCC to create site connections and some DC's are not getting updates due to the KCC not operating properly you can create manual connections temporariliy to allow replication. After that you can set it back to KCC.

Another important thing to remember is that when you do a seizer you also need to remove any objects from Sites and Services that are for the old PDC. Another important step would be to ensure that your SRV records no longer have the old PDC listed. Do the following...

- open DNS Manager
- Expand  _msdcs folder
- Check all of the folders/subfolders dc/domain/pdc/gc and make sure that the DC that has been seized no longer has any records under any SRV locations

If you see any records delete them. If your DNS is replicating properly you should only need to do this on 1 read/write DC.

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.


Author Comment

ID: 39791702
I have seized the roles to site1 DC and built new DC in default site. But i am getting strange error in exchange. All databases are mounted in mbx1 and copy is mbx2. If I open the exchnage management console in mbx1 everything shows fine. If I open exchange management console in mbx2, all the database status is shows as service down in mbx1. in MBX2 it shows as healthy.
If I check the mbx1 system property inside mbx2 server, I can't see any DC listed.

How to resolve this issue.


Accepted Solution

Tom Jacob Chirayil earned 1002 total points
ID: 39793846
From MBX2, Open EMC and right click Server Configuration
Select Change Domain Controller
Select the healthy DC in the corresponding Site

If required, restart the Exchange Services too on the MBX2 Server.

See if this resolves your issue. Normally, it should resolve.

Author Comment

ID: 39808444

Sorry for the lat reply.
The issue was the DNS a record for mbx1 was missing. I created the A record and everything working fine.


Author Closing Comment

ID: 39808480

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
Upgrading from older Exchange server to the latest Exchange server can be tiresome, error-prone and risky, without being a seasoned exchange server administrators. It can become even problematic if you're an organization that runs on tight timeline…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question